Communication between servers and clients may often carry sensitive information or may carry content provided to the clients for a fee. An example of sensitive information may comprise a bank server providing banking information to an account holder client and the client entering transactions on a bank account. An example of content paid for by a client may comprise pay-TV content provided by an Internet Protocol TV (IPTV) server to an IPTV terminal. Whether the information exchanged between a server and a client is sensitive or has a commercial value, it is customary to encrypt the information in order to prevent eavesdropping by third parties.
FIG. 1 (Prior Art) shows a typical server-client network. The network 100 comprises a server 110, a client 120, the Internet 130 and other parties 140. Content exchanged between the server 110 and the client 120 travels through the Internet 130. As other parties 140 are also connected to the Internet 130, the content is encrypted between the server 110 and the client 120. The server 110 may serve a plurality of clients. The server 110 thus contains a table 112 further comprising, for each client, a client identity (CID) 114, an authentication key for the client, which may for example be a shared key (SHK) 116, and a content key (CK) 118. The client 120 also stores its own copies of the SHK 122 and of the CK 124. The CK 118 and 124, which are of equal value, are used to encrypt the information at a source (server or client) and to decrypt the information at a destination (client or server).

FIG. 2 (Prior Art) shows a manner of using an encryption key to encrypt a data packet. The value of the keys CK 118 and 124 is represented as key 210. The key 210 is combined in an exclusive-OR (XOR) operation with the content of a data packet 220. This results in an encrypted packet 230. If a length of the keys CK 118 and 124 is not equal to a length of the data packet 220, a part of a longer key may be applied to a shorter data packet 220 or a shorter key may be applied successively to parts of a longer data packet 220. The encrypted packet 230 is sent from a source to a destination, where a further XOR operation of the encrypted packet 230 with the key 210 yields the original data packet 220.
Other parties 140 are not aware of the value of the CK 118 and 124 and are thus not able to decrypt the information. The value of the CK 118 and 124 is generally generated in the server 110 and provided to the client 120. The SHK 116 is used to encrypt the CK 118 so that other parties 140 may not obtain the value of the CK 118. Manners of ensuring that the SHK 116 and 122 are protected against malicious eavesdroppers are well-known in the art. Of course, besides shared keys, other means are commonly used to ensure that encryption keys may be provided from a source to a destination; such means comprise for example the use of well-known public-private key pairs.
If a fixed value is used for the CK 118 and 124, other parties 140 may eventually be able to decode it. In such cases, the communication between the client 120 and the server 110 may become non-secure. This threat may be overcome by regenerating a new value of the encryption key CK 118 frequently and sending the new value to the client 120, the new CK 118 being also encrypted by use of the SHK 116. This process is called a rekey process. In a network free of transmission errors, the rekey process may be very effective. However, transmission errors may prevent the client 120 from receiving a rekey message. Transmission errors may occur for example in mobile wireless networks. They may occur in satellite TV networks, for example during a thundershower in the area of a satellite TV client. If the client 120 still has an old CK 124 value that no longer matches the CK 118 value, the client 120 becomes unable to decrypt received information and, as it encrypts information intended to be sent towards the server 110, it may use the old CK 124 value that is no longer recognized by the server 110. While it is possible for the client 120 to ask for a key renewal, this may only occur after the loss of the CK 124 value has been detected, adding delays to the proper decoding of the information and adding signaling overhead between the client 120 and the server 110.
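The following sketch is an added illustration, not part of the original text. It models the XOR operation of FIG. 2 and the rekey process described above, and shows the client failing to decrypt after a rekey message is lost. The class and function names, the 16-byte key size and the use of XOR to wrap the CK under the SHK are assumptions made for the example; the text does not specify how the CK is encrypted.

```python
import os
from itertools import cycle

def xor_packet(key: bytes, packet: bytes) -> bytes:
    """FIG. 2: XOR key 210 with packet 220. zip() uses only part of a longer
    key; cycle() applies a shorter key successively to parts of the packet."""
    return bytes(k ^ p for k, p in zip(cycle(key), packet))

class Server:
    def __init__(self, shk: bytes, ck: bytes):
        self.shk, self.ck = shk, ck          # one row of table 112

    def rekey(self) -> bytes:
        """Generate a new CK 118 and return the rekey message for the client."""
        self.ck = os.urandom(len(self.shk))
        # Assumption: XOR stands in for the unspecified SHK encryption step.
        return xor_packet(self.shk, self.ck)

    def send(self, data: bytes) -> bytes:
        return xor_packet(self.ck, data)

class Client:
    def __init__(self, shk: bytes, ck: bytes):
        self.shk, self.ck = shk, ck          # SHK 122 and CK 124

    def on_rekey(self, message: bytes) -> None:
        self.ck = xor_packet(self.shk, message)

    def receive(self, packet: bytes) -> bytes:
        return xor_packet(self.ck, packet)

def run_session(rekey_delivered, payload=b"IPTV frame data"):
    """One rekey per round; a False entry models a rekey message lost in
    transit. Returns, per round, whether the client recovered the payload."""
    shk, ck = os.urandom(16), os.urandom(16)  # constructed sample keys
    server, client = Server(shk, ck), Client(shk, ck)
    results = []
    for delivered in rekey_delivered:
        message = server.rekey()
        if delivered:
            client.on_rekey(message)
        results.append(client.receive(server.send(payload)) == payload)
    return results

if __name__ == "__main__":
    # Rounds 2 and 3 lose the rekey message: CK 124 is stale until round 4.
    print(run_session([True, False, False, True]))
```

In this model the client stays desynchronized for every round until a rekey message next arrives, which is the window of undecodable traffic the passage describes.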